package com.example.systema.shiro;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

    /**
     * 1.创建ShiroFilterFactoryBean
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        bean.setSecurityManager(securityManager);
        bean.setLoginUrl("/toLogin");  //设置未登录拦截后的跳转页面,如果不设置该参数，默认跳转到login.jsp
        bean.setUnauthorizedUrl("/unAuth"); // 权限认证失败，则跳转到指定页面
        // Shiro连接约束配置，即过滤链的定义
        Map<String, String> filterMap = new HashMap<>();
        filterMap.put("/user/login", "anon");//登录操作放行，不需要认证
        filterMap.put("/product/toAdd", "perms[product:add]");  //基于资源的授权过滤器
        filterMap.put("/index","user");  //记住我的过滤器
        filterMap.put("/**", "authc"); //认证过滤器
        bean.setFilterChainDefinitionMap(filterMap);  //设置Shiro过滤器

        //自定义拦截器

        return bean;
    }


    /**
     * 2.创建SecurityManager，并关联Realm
     */
    @Bean
    public SecurityManager securityManager(UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // 设置realm.
        securityManager.setRealm(userRealm);
        // 记住我
        securityManager.setRememberMeManager(rememberMeManager());

        return securityManager;
    }

    /**
     * 3.创建Realm
     */
    @Bean
    public UserRealm myReal() {
        UserRealm myRealm = new UserRealm();
        return myRealm;
    }


    /**
     * 开启Shiro注解通知器
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
            @Qualifier("securityManager") SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }


    /**
     * 记住我
     */
    public CookieRememberMeManager rememberMeManager()
    {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        return cookieRememberMeManager;
    }

    /**
     * cookie 属性设置
     */
    public SimpleCookie rememberMeCookie()
    {
        SimpleCookie cookie = new SimpleCookie("rememberMe");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(120);
        return cookie;
    }
}
